Analysis

  • max time kernel
    118s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/12/2023, 20:11 UTC

General

  • Target

    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe

  • Size

    5.0MB

  • MD5

    d8e5be4f6cceb9d0b4e7a5c7bc454931

  • SHA1

    32c0facfa09ad99295bf1fd3d28920cd662c1942

  • SHA256

    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c

  • SHA512

    1bbb54eb29df394c7025c12e8ed20e61d0236e84e41b3b99cfac2822231fd4f0181a91176b7aa824ab10bec10a916ffffbc80a36ed3b0860377e67622b3a22d1

  • SSDEEP

    98304:QLPIAN/nUeKbj+U+o4TTOM8KdzOJDb4v+B:LAN/W0nwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    "C:\Users\Admin\AppData\Local\Temp\1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe"
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2232

Network

  • flag-us
    DNS
    api.browser.yandex.net
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.net
    IN A
    Response
    api.browser.yandex.net
    IN A
    213.180.193.234
  • flag-us
    DNS
    api.browser.yandex.ru
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.ru
    IN A
    Response
    api.browser.yandex.ru
    IN A
    213.180.193.234
  • flag-us
    DNS
    download.cdn.yandex.net
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    download.cdn.yandex.net
    IN A
    Response
    download.cdn.yandex.net
    IN CNAME
    cdn.yandex.net
    cdn.yandex.net
    IN A
    5.45.205.245
    cdn.yandex.net
    IN A
    5.45.205.241
    cdn.yandex.net
    IN A
    5.45.205.242
    cdn.yandex.net
    IN A
    5.45.205.243
    cdn.yandex.net
    IN A
    5.45.205.244
  • flag-ru
    GET
    https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /content/get/experiments/browser.proto?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 491136
    Content-Type: application/octet-stream
    Date: Sun, 31 Dec 2023 20:11:35 GMT
    Last-Modified: Fri, 29 Dec 2023 11:09:02 GMT
    X-Country: gb
    X-Seed-Signature: MEUCIQDzvX8ktSfM+yEQplVgXYj02Q4h6VagbcHI85SKie4DLwIgHnu9/xkHHj16PXCHcxndUDkncSyNofl0S7dWtW8KkdE=
    X-Yandex-Req-Id: 1704053495105671-3597515861147966040-w2ebsbspvbhqxgff-BAL
  • flag-ru
    GET
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /ab/get?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 644277
    Content-Type: text/csv; charset=utf-8
    Date: Sun, 31 Dec 2023 20:11:44 GMT
    Etag: "9c20c22909ac783cc4600bcfd87ed68a"
    Last-Modified: Sun, 31 Dec 2023 20:11:44 GMT
    X-Seed-Signature: MEQCIAmf5vWBOzyy9i5x5xixLLz2MOQZWSN39BlDe8jPFLWYAiBwWMBZ73B4Tka3yz7+t3LLxCUr7AC3+Lb9nsBjAMa8ag==
    X-Yandex-Req-Id: 1704053504619079-11831851823040824499-w2ebsbspvbhqxgff-BAL
  • flag-ru
    GET
    https://download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    5.45.205.245:443
    Request
    GET /browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: download.cdn.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 302 Found
    Server: nginx/1.17.9
    Date: Sun, 31 Dec 2023 20:11:34 GMT
    Content-Length: 0
    Connection: keep-alive
    Keep-Alive: timeout=5
    Location: https://cachev2-m9-2.cdn.yandex.net/download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true&lid=94
    X-Request-Id: 1704053494350216-2102355959695785123
    X-Strm-Request-Id: 1704053494350216-2102355959695785123
    X_h: strm-cacto-production-10.sas.yp-c.yandex.net
    Expires: Thu, 01 Jan 1970 00:00:01 GMT
    Cache-Control: no-cache
    Cache-Control: no-store,no-cache,must-revalidate
    Pragma: no-cache
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=started,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=started,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sun, 31 Dec 2023 20:11:34 GMT
    Set-Cookie: _yasc=XN4eFcX1fdn0F8cqHDl52UkhCQ8xQQ03MVHOK00qZ2Vefk1teMPyGnHbgUAhN7W1YCY5; domain=.yandex.ru; path=/; expires=Wed, 28 Dec 2033 20:11:34 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1704053494699686-11321309534232376294-hvv4oywxjqx2pxkl-BAL
  • flag-us
    DNS
    crl.globalsign.com
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    crl.globalsign.com
    IN A
    Response
    crl.globalsign.com
    IN CNAME
    global.prd.cdn.globalsign.com
    global.prd.cdn.globalsign.com
    IN CNAME
    cdn.globalsigncdn.com.cdn.cloudflare.net
    cdn.globalsigncdn.com.cdn.cloudflare.net
    IN A
    104.18.20.226
    cdn.globalsigncdn.com.cdn.cloudflare.net
    IN A
    104.18.21.226
  • flag-us
    DNS
    crl.globalsign.com
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    crl.globalsign.com
    IN A
  • flag-us
    DNS
    cachev2-m9-2.cdn.yandex.net
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-m9-2.cdn.yandex.net
    IN A
    Response
    cachev2-m9-2.cdn.yandex.net
    IN A
    37.9.117.100
  • flag-us
    DNS
    cachev2-m9-2.cdn.yandex.net
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-m9-2.cdn.yandex.net
    IN A
  • flag-us
    GET
    http://crl.globalsign.com/root.crl
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    104.18.20.226:80
    Request
    GET /root.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.globalsign.com
    Response
    HTTP/1.1 200 OK
    Date: Sun, 31 Dec 2023 20:11:34 GMT
    Content-Type: application/pkix-crl
    Content-Length: 1739
    Connection: keep-alive
    Last-Modified: Sat, 07 Oct 2023 00:00:00 GMT
    ETag: 5B
    Expires: Mon, 15 Jan 2024 00:00:00 GMT
    Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
    CF-Cache-Status: HIT
    Age: 1343
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 83e52c25ee427447-LHR
  • flag-ru
    GET
    https://cachev2-m9-2.cdn.yandex.net/download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true&lid=94
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    37.9.117.100:443
    Request
    GET /download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true&lid=94 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: cachev2-m9-2.cdn.yandex.net
    Cache-Control: no-cache
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 31 Dec 2023 20:11:38 GMT
    Content-Type: application/octet-stream
    Content-Length: 160253080
    Connection: keep-alive
    Keep-Alive: timeout=60
    Etag: "8d4ce8804f4d6330cb29ffef513fcbfa"
    Last-Modified: Tue, 26 Dec 2023 13:21:00 GMT
    X-Amz-Request-Id: 093ec2a18027903b
    Access-Control-Allow-Origin: *
    X-Robots-Tag: noindex, noarchive, nofollow
    X-Strm-Log-Split: 7
    X_h: cachev2-m9-2.cdn.yandex.net
    X-Strm-Request-Id: 71fd01a078739cca
    X-Request-Id: 71fd01a078739cca
    Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
    NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
    Accept-Ranges: bytes
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-downloaded_size=160253080,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-redirect=cachev2_m9_2.cdn.yandex.net,-status=success,-testids=,-total_size=160253080,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fexp_vygoda_2%252F23_11_3_935_52707%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=5858505381694327319/*
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-downloaded_size=160253080,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-redirect=cachev2_m9_2.cdn.yandex.net,-status=success,-testids=,-total_size=160253080,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fexp_vygoda_2%252F23_11_3_935_52707%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=5858505381694327319/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sun, 31 Dec 2023 20:12:13 GMT
    Set-Cookie: _yasc=8dLa0lTOJXR+DcOUgH09JSRTw8Nf1ToEaQUyQpstEqlWyepqS9LuJyVO3EfDoTpUPyc=; domain=.yandex.ru; path=/; expires=Wed, 28 Dec 2033 20:12:13 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1704053533246724-16592712503049892623-hgbvvxdpj4qsqhpo-BAL
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-download_time=50,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-new_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=finished,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-download_time=50,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-new_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=finished,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sun, 31 Dec 2023 20:12:21 GMT
    Set-Cookie: _yasc=S0SYgA3TjtH70Gq9nHa9lLnGKv3N3GgVwy8xAUQ/j+cZZusjX+zxilzQVNrWxs2eWObH; domain=.yandex.ru; path=/; expires=Wed, 28 Dec 2033 20:12:21 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1704053541911468-1781838695508046539-okdpxsaepeoa6zi5-BAL
  • 213.180.193.234:443
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    32.8kB
    1.2MB
    618
    961

    HTTP Request

    GET https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935

    HTTP Response

    200

    HTTP Request

    GET https://api.browser.yandex.net/ab/get?brand=yandex&partner=exp_vygoda_2&uid=4B2A3C33-3B8F-4F79-9723-98AAF879F68D&version=23.11.3.935

    HTTP Response

    200
  • 5.45.205.245:443
    https://download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    1.8kB
    6.2kB
    19
    15

    HTTP Request

    GET https://download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true

    HTTP Response

    302
  • 213.180.193.234:443
    api.browser.yandex.ru
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    52 B
    1
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=started,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    2.3kB
    5.8kB
    15
    13

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=started,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*

    HTTP Response

    200
  • 104.18.20.226:80
    http://crl.globalsign.com/root.crl
    http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    356 B
    2.3kB
    5
    4

    HTTP Request

    GET http://crl.globalsign.com/root.crl

    HTTP Response

    200
  • 37.9.117.100:443
    https://cachev2-m9-2.cdn.yandex.net/download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true&lid=94
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    8.7MB
    172.6MB
    119379
    123584

    HTTP Request

    GET https://cachev2-m9-2.cdn.yandex.net/download.cdn.yandex.net/browser/exp_vygoda_2/23_11_3_935_52707/browser-setup.arc?from_installer=true&lid=94

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-downloaded_size=160253080,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-redirect=cachev2_m9_2.cdn.yandex.net,-status=success,-testids=,-total_size=160253080,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fexp_vygoda_2%252F23_11_3_935_52707%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=5858505381694327319/*
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    1.7kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-downloaded_size=160253080,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-redirect=cachev2_m9_2.cdn.yandex.net,-status=success,-testids=,-total_size=160253080,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fexp_vygoda_2%252F23_11_3_935_52707%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=5858505381694327319/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-download_time=50,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-new_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=finished,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*
    tls, http
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    1.5kB
    6.4kB
    12
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0099040001:SW_bb8fff3c6724,-brand_id=yandex,-browser_present=none,-download_time=50,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.3.935,-new_ver=23.11.3.935,-old_style=0,-old_ver=,-partner_id=exp_vygoda_2,-stage=finished,-testids=,-ui=4B2A3C33_3B8F_4F79_9723_98AAF879F68D,-yandex_uid=5858505381694327319/*

    HTTP Response

    200
  • 8.8.8.8:53
    api.browser.yandex.net
    dns
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    68 B
    84 B
    1
    1

    DNS Request

    api.browser.yandex.net

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    api.browser.yandex.ru
    dns
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    67 B
    83 B
    1
    1

    DNS Request

    api.browser.yandex.ru

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    download.cdn.yandex.net
    dns
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    69 B
    163 B
    1
    1

    DNS Request

    download.cdn.yandex.net

    DNS Response

    5.45.205.245
    5.45.205.241
    5.45.205.242
    5.45.205.243
    5.45.205.244

  • 8.8.8.8:53
    crl.globalsign.com
    dns
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    128 B
    179 B
    2
    1

    DNS Request

    crl.globalsign.com

    DNS Request

    crl.globalsign.com

    DNS Response

    104.18.20.226
    104.18.21.226

  • 8.8.8.8:53
    cachev2-m9-2.cdn.yandex.net
    dns
    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    146 B
    89 B
    2
    1

    DNS Request

    cachev2-m9-2.cdn.yandex.net

    DNS Request

    cachev2-m9-2.cdn.yandex.net

    DNS Response

    37.9.117.100

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    1KB

    MD5

    1d561e83fffbacb64d7cfad08f99de29

    SHA1

    23779297d753d5b6263c178f7f268d8bc1526982

    SHA256

    ce5c831720053016573cdd3c12a72f476d083c78499ae37a5228e94991eaceba

    SHA512

    a5988eb6f35bc6bfbdf06e6edecdef6298a2b253b23af0c6e78bdd21a27667be2f8464aeb8da043bcf6696cb6d5a91f841f80100c32e97e0643fb9c9313b67bf

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    7KB

    MD5

    3b8e6626f849c7b90bd7ef0416ff5bf1

    SHA1

    e90b5d2dd2df99c19fc88a3e182236dac1c235cb

    SHA256

    bb7ad0e7d540f338d58cb9b27a702d9bd8be6b42ef37c9ca3c1c1730288d7947

    SHA512

    0cd8225d112d70d123b1d34392ee7f929a63fe5b9db26da5a288753c5fef6d3b68b933d7c013fc30040fdf5389ee4ab52f1cc36d5b08fa6e7696ffeb2d65eefe

  • C:\Users\Admin\AppData\Roaming\Yandex\ui

    Filesize

    38B

    MD5

    9badd268285da2bd409e2614cf9f78fa

    SHA1

    7de9486a9e79217eb621c4d328a5ee89c6113410

    SHA256

    9b1e6119f44743fb89d7bf3dbdfeb71fd89d3c91b49ddb526c344cff1ce5e3b5

    SHA512

    b8ec32f5e3c305502add79324484bbf315ed5c0f36a143fc20d90003753b5b61e0d4ea4612cb9b832eebd22077d83f1237eb1604c4f6018d0db640a7b1e9a3e3

  • \Users\Admin\AppData\Local\Temp\yb92FC.tmp

    Filesize

    152.8MB

    MD5

    8d4ce8804f4d6330cb29ffef513fcbfa

    SHA1

    a812630d4693f93940cf3569b8576c1639ec0582

    SHA256

    bfa12ffae9a2d37d7a1ca279d38876590e1d00c09f2c4dd0a226bcb4032eb82b

    SHA512

    9860a0897f3511ce39cd0f446e7f6ee54d8936786abb9502f666df2d543d2b69376a8b4aebfd3e0097a829417fcf18bcf0225cb017bf0949c75dc23984cca2fe
